Integrating PicketLink with OKTA for SAML based SSO

JBoss Application Server ships with the PicketLink module for enabling SAML-based SSO. PicketLink is an open source module and is SAML v2.0 compliant. For more information about PicketLink, please visit picketlink.org.

The requirement here is to enable SAML-based SSO in JBoss Application Server with OKTA as the IDP.

Before enabling this, you need an OKTA organization. A free developer organization can be created here.

If you already have an OKTA organization, you need to set up a SAML application by following the steps below.

Log in to your OKTA organization and click on “Admin”.

Click on Applications.

Add a new application.

Create a new application.

Keep the Platform as Web, select SAML 2.0 as the sign-on method, and click on Create.

Give your application a name and click on Next.

In this section, you need to do your SAML configuration.

Note: Here we are not using any advanced settings. If you want your assertion to be signed and encrypted, you can enable that in the advanced settings.

For the PicketLink configuration, you need to know your SP and IDP URLs. You can find your IDP URL in OKTA by following the steps below.

Navigate to Applications and open your newly created application.

Navigate to the “Sign On” tab and click “View Setup Instruction”. There you will find the “Identity Provider Single Sign-On URL”.

On the JBoss application server side, you can try this with this application. You just need to change the IDP URL in picketlink.xml to the OKTA URL you obtained in the previous step, and change the SP URL (https://localhost:8443/picketlink-enc/). Make sure that the context-root is set to “picketlink-enc” in jboss-web.xml.
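The two files described above, as an added sketch that is not taken from the original article or from the sample application it refers to. The layout follows the usual PicketLink 2.1 SP configuration; the IDP URL is a placeholder, and the handler list, valve and `sp` security domain name are assumptions to check against your own deployment.

```xml
<!-- WEB-INF/picketlink.xml (service provider side) -->
<PicketLink xmlns="urn:picketlink:identity-federation:config:2.1">
  <PicketLinkSP xmlns="urn:picketlink:identity-federation:config:2.1"
                ServerEnvironment="tomcat" BindingType="POST">
    <!-- Placeholder: paste the "Identity Provider Single Sign-On URL"
         shown in OKTA's "View Setup Instruction" page -->
    <IdentityURL>https://YOUR-OKTA-ORG.example/IDP-SSO-URL-FROM-OKTA</IdentityURL>
    <!-- SP URL from the article; its path must match the context-root below -->
    <ServiceURL>https://localhost:8443/picketlink-enc/</ServiceURL>
  </PicketLinkSP>
  <!-- Assumed handler chain for an SP -->
  <Handlers xmlns="urn:picketlink:identity-federation:handler:config:2.1">
    <Handler class="org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler"/>
    <Handler class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler"/>
    <Handler class="org.picketlink.identity.federation.web.handlers.saml2.RolesGenerationHandler"/>
  </Handlers>
</PicketLink>

<!-- WEB-INF/jboss-web.xml -->
<jboss-web>
  <!-- Assumed name of the security domain defined in the server configuration -->
  <security-domain>sp</security-domain>
  <!-- Must be "picketlink-enc" so the deployed path matches ServiceURL -->
  <context-root>picketlink-enc</context-root>
  <valve>
    <class-name>org.picketlink.identity.federation.bindings.tomcat.sp.ServiceProviderAuthenticator</class-name>
  </valve>
</jboss-web>
```

If the context-root and the path in `ServiceURL` differ, the application is deployed at a different path than the SP URL it is configured with, so check that pair first when login does not complete.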

To log in to the application, you need to assign users in OKTA to the application you have created.

Now you can access your application (https://localhost:8443/picketlink-enc/) by authenticating via OKTA.
